A friend DMs me on Twitter:
yo, you know how security cameras are sometimes open feeds on the internet?
is there any chance ICE fucked up in this very specific way at a facility?
That sounds very plausible. Let’s give it a try. Webcam scanning with Shodan is a pretty well-known technique at this point. I’m not very familiar with it, so it’s time to learn.
First idea: IP ranges
With cursory knowledge, it seemed like the best approach would be to feed Shodan an IP range for the state of Texas (or other Mexico-border states) and then look through the resulting webcams by hand for anything that looks like a prison, holding facility, or government institution.
To do this, first you would need to find IP ranges for the state of Texas
El Paso: 18.104.22.168 - 22.214.171.124
Better idea: query by latitude and longitude
But then I started doing more research on how to use shodan, and found a great guide:
Shodan even enables us to be very specific in searching for web-enabled devices. In some cases, we can specify the longitude and latitude of the devices we want to find.
In this case, we will be looking for WebcamXP cameras at the longitude and latitude (-37.81, 144.96) of the city of Melbourne, Australia. When we search, we get a list of every WebcamXP at those coordinates on the globe. We must use the keyword geo followed by the longitude and latitude.
webcamxp geo: -37.81,144.96
Oh! I don’t need to use IP ranges at all. I can just feed latitudes and longitudes directly into my searches.
Now, we need a geocoded list of every ICE facility. Luckily, I’ve already done that based on data released in response to a FOIA from Immigrant Justice. This data is hosted on a wikipedia-style site I created for open source information related to ICE.
This excellent resource on manipulating CSVs with the command line teaches us:
Specific columns can also be easily extracted from CSVs. For example, if we wanted to extract columns 2, 4, 5, and 6 from input.csv:
cut -d , -f 2,4-6 input.csv
The first example in the Shodan CLI documentation is
shodan count microsoft iis 6.0 which returns
What we want to do is go through our list of ICE facilities and do shodan scans of their longitude/latitude.
Using the shodan CLI, it should be possible to automate this a bit.
Basically we want to parse our CSV of every facility, pull out the latitude and longitude of that facility, feed that to shodan, run our search, and save the results to a file where we can go back and look for any results (anything besides a 0).
We want our results to look something like this:
This article, helpfully, gives us a list of webcam brands to search for:
- Samsung Electronics
- Samsung Techwin
Unfortunately I did not find anything. After running through all of these manufacturers and a number of locations, then combing through the results by hand, I did not locate any unsecured webcams of interest to this particular search.